W3C, Encrypted Media Extensions and DRM: A rant

The recent decision of the Director of the World Wide Web Consortium to overrule members’ objections to publishing a DRM standard for the Web, together with a series of rant I have read around about the issue; compelled me to write my own rant. What follows is, as usual, my own personal view on the subject and does not represent that of any of my partners or contractors.

The argumnent that the Web would become irrelevant if it didn’t support reproducing DRM-protected content, therefore some sort of DRM-supporting technology has to be standarized as part of the W3C, is two-fold flawed. Yet this is one of the core arguments used to defend supporting Encrypted Media Extension (EME), a technology that enables DRM, as a W3C standard.

On one hand, this is like saying that the Web is mostly useful for reproducing DRM-video from the big content distributors, downplaying the rest of the features that make the Web so important and empowering. It is actually the case that the usefulness of the open Web is very hard to replicate with (a collection of) non-Web applications; while reproducing DRM-protected video would be a tiny feature of the Web, in comparison.

Notice also, that this is problematic only for DRM-protected content, which accounts for only a fraction of the video content available on the Internet. Otherwise non-DRM video can perfectly be reproduced today with HTML5. While it is true that there is high user demand for content distributed by those same companies that push for DRM on the Web; there isn’t any requirement to use DRM to deliver that content other than supporting a very specific business practice that is only important for one party, the distributors, and ncessarily results in more control and freedom-limiting to users.

Is it the W3C’s mission to protect business models and practices (of dubidous effectiveness and well-known privacy and/or security issues)? No, it isn’t.

On the other hand, it is a fallacy that if a given DRM-enabling technology is not part of a W3C standard, it will necessarily bring fragmentation to the ecosystem because each player will (re)invent their own DRM technology. True, this is what has hapended with Flash and Silverlight, but arguably because there wasn’t a W3C standard. These technologies were invented many years before consuming video on the Web was popular or even possible, at a time when the value of avoiding fragmentation was not enough or not evident to implementors. These technologies existed before the big streaming corps of today existed, and were created for other purposes at a time when browsers were competing in features at the expense of interoperability (remember IE?).

The Industry players (content distributors, web implementors, etc) are free to agree on a common solution outside the umbrella of the W3C, because it is in their best interest to avoid fragmentation. It saves costs and makes for a better user experience. It is what industries do when they see opportunity for cutting down costs. Just don’t utilize the W3C (or better, the W3C should not let itself be utilized) to standarize a techonology that undermines the openness of the Web.

Browsers vendors are and will always be competing with each other. The W3C’s best position might just be to leave the market do what it is (supposedly) good at; and limit itself to advise against DRM, or failing that, at most provide guidelines on how to limit the damage should Web DRM happens in other forum (e.g, implement sandboxing, UX for user consent, make it opt-in, protect researchers, etc).

The reality is that DRM content distributors need the Web more than the Web needs to support DRM-content. It is just much cheaper for them if the W3C, a respected institution, solves the fragmentation for them.

By enshrining EME in its standards, the W3C is unnecessarily supporting a set of (corporate) interests at the expense of its users’ interests, giving undeserved legitimacy to DRM, based on an argument of pragmatism that doesn’t exist.

Going even further, it is arguable that the Web should support every feature that there is out there, if it bears a risk for its users in terms of privacy, security and freedom of research. Today, Web users don’t expect to do absolutely everything in a Web browser, even if that is desirable in the future. Most borwsers out there support configuring 3er party URL schemes that would launch a native application to handle the content pointed to by such URL. This might just be an acceptable trade-off for the Web ecosystem for specific types of content.

Also, the majority of content distributors have their own native players. In most cases, they promote the use of their native apps to users over the Web version of their players, because the experience is usually better and they can exert more control.

It might be that we have all been sold a straw man.